NSA Patents Herbert's Network Snooper Catcher

The NSA has patented a way of determining if bad guys are attempting to tamper with network communication. It sounds similar to an idea that Frank Herbert wrote about thirty years ago.

The basic NSA idea is that you measure the time that the network takes to send data from one computer to another. If there is a regular, unexplained delay, it might be bad guys intercepting and then retransmitting data.

Other researchers have looked into this problem in the past and proposed a technique called distance bounding, but the NSA patent takes a different tack, comparing different types of data travelling across the network. "The neat thing about this particular patent is that they look at the differences between the network layers," said Tadayoshi Kohno, an assistant professor of computer science at the University of Washington.

The technique could be used for purposes such as detecting a fake phishing Web site that was intercepting data between users and their legitimate banking sites, he said. "This whole problem space has a lot of potential, [although] I don't know if this is going to be the final solution that people end up using."